We are currently starting to use ENCRYPT REVERSE passwords in VM:Secure. I'm guessing the way to migrate to a new release of z/VM is to:
- Unencrypt the system/directory
- Merge the old and new directories like in the past
- Reencrypt the system and directory again
Awkward, but doable. Anyone have a better way?
Then there's the case if security pushes us to ENCRYPT FORWARD where you can't unencrypt the passwords. How do you merge directories with some passwords encrypted and some not?
Thanks for any thoughts or ideas or....
You are correct, you will need to merge directories and will need to have the passwords either all encrypted or non of them encrypted.
Why not encrypt the passwords on the new system and when you merge the entries all will be encrypted and you will have the correct CP pieces in place for encryption (RPI configuration) on your base system.
You have to have a directory of all encrypted or all plain text you can’t have both.